<?php
set_include_path ( get_include_path () . PATH_SEPARATOR . '../' );
include_once 'Include.php';

if (isset ( $_SESSION ['user'] ['id'] )) {
	header ( "Location: index.php" );
}

$error = '';
if (isset ( $_REQUEST ['validate'] ) && $_REQUEST ['validate'] != $_SESSION ['vdcode'] && $_SESSION ['login'] ['count'] > 1) {
	$error = '验证码不正确！';
} else if (isset ( $_REQUEST ['name'] )) {
	$userTable = new UserTable ( );
	$name = req ( 'name' );
	$password = req ( 'password' );
	$cookie_time = req ( 'cookie' );
	$d = $userTable->checkLogin ( $name, $password );
	if (count ( $d ) != 0) {
		session_register ( session_id () );
		//  保存一天 
		setcookie ( session_name (), session_id (), time () + $cookie_time, "/" );
		//session_unregister ( $d [0] ['session'] );
		//if($d [0] ['session'] != "")
			//@unlink(session_save_path().'/sess_'.$d [0] ['session']);
		$set = array ('session' => session_id () );
		$where = $db->quoteInto ( 'id = ?', $d [0] ['id'] );
		$rows_affected = $userTable->update ( $set, $where );
		setcookie ( "user[id]", $d [0] ['id'], time () + $cookie_time );
		setcookie ( "user[name]", $d [0] ['name'], time () + $cookie_time );
		setcookie ( "user[role]", $d [0] ['role'], time () + $cookie_time );		
		

		$_SESSION ['user'] ['id'] = $d [0] ['id'];
		$_SESSION ['user'] ['name'] = $d [0] ['name'];
		$_SESSION ['user'] ['role'] = $d [0] ['role'];
		
		// 权限---频道部分
		if ($d [0] ['role'] == '3') {
			$categoryTable = new CategoryTable ( );
			$userCategoryTable = new UserCategoryTable ( );
			$d = $userCategoryTable->fetchByUid ( $_SESSION ['user'] ['id'] );
			
			$lmidRight = array ();
			for($i = 0; $i < count ( $d ); $i ++) {
				$d2 [$i] = $categoryTable->findMain ( $d [$i] ['category_id'] );
				for($j = 0; $j < count ( $d2 [$i] ); $j ++) {
					$lmidRight [] = $d2 [$i] [$j] ['id'];
				}
			}
			$_SESSION ['user'] ['lmidRight'] = $lmidRight;
		}
		
		header ( "Location: index.php" );
	}
	$_SESSION ['login'] ['count'] += 1;
}

if (! isset ( $_SESSION ['login'] ['count'] )) {
	$_SESSION ['login'] ['count'] = 1;
}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>欢迎登陆珠海新闻网--内容管理系统</title>
<style type="text/css">
@import url('../css/G.css');
</style>
<script type="text/javascript"
	src="<?=YUI_PATH?>build/yahoo-dom-event/yahoo-dom-event.js"></script>
<script type="text/javascript"
	src="<?=YUI_PATH?>build/connection/connection-min.js"></script>
<script type="text/javascript">
var  Dom = YAHOO.util.Dom,
     Event = YAHOO.util.Event;
</script>
</head>

<body>
<div style="margin: 20px 0 0 0;">
<form action="" method="post">
<table width="30%" class="table-lm2"
	style="margin-left: auto; margin-right: auto;">
	<caption>后台登录窗口</caption>
	<tr>
		<td class="td-header-r td-bottom">登录名</td>
		<td><input type="text" id="name" name="name" class="input-text" size="30" /></td>
	</tr>
	<tr>
		<td class="td-header-r td-bottom">密码</td>
		<td><input type="password" id="password" name="password" class="input-text" size="30" /></td>
	</tr>
<?php
$html = '<tr>
			<td class="td-header-r td-bottom">验证码</td>
			<td><input type="text" id="validate" name="validate" class="input-text" size="30" style="float:left; margin-top:10px;"/>
				<img id="vd" src="imgCode.php" style=" float:left; margin:0 5px; border:#00F solid 1px;" alt="点击切换验证码" onclick="getImgCode()" /></td>
		</tr>';
if ($_SESSION ['login'] ['count'] > 1) {
	echo $html;
}
?>
    <tr>
		<td class="td-header-r td-bottom">Cookie</td>
		<td><input type="radio" name="cookie" value="1200" />不保存 
        <input type="radio" name="cookie" checked="checked" value="43200" />一天</td>
	</tr>
	<tr>
		<td class="td-no">&nbsp;</td>
		<td class="td-left"><input type="submit" value=" 登 录 " /> <?=$error?></td>
	</tr>
</table>
</form>
</div>
</body>
</html>
<script type="text/javascript">
function getImgCode(){
	var handleSuccess = function(o){				
		document.getElementById("vd").src = o.responseText;			
	}   
	
	var handleFailure = function(o){  
		if(o.responseText !== undefined){   
			div.innerHTML = "<li>Transaction id: " + o.tId + "</li>";   
			div.innerHTML += "<li>HTTP status: " + o.status + "</li>";   
			div.innerHTML += "<li>Status code message: " + o.statusText + "</li>";   
		}   
	}   
	
	var callback = {   
	  success:handleSuccess,   
	  failure: handleFailure,   
	  argument: { foo:"foo", bar:"bar" }   
	};  
	
	var request = YAHOO.util.Connect.asyncRequest('GET', 'imgCode.php?r='+Math.random(), callback);
}

Event.onDOMReady(function() {	
	var s = '<?=$_SESSION ['login'] ['count']?>';
	if(s > 1)
		getImgCode();

});
</script>
